Design and analysis of secure encryption schemes

In this thesis, we design, and analyze the security of, several encryption schemes both in the private-key and public-key setting. Our main goal is to provide schemes for which we can provide theoretical proofs of security, but which are also efficient and practical.; We begin by describing a new public-key encryption scheme based on the Diffie-Hellman problem, called DHIES. The main goal of DHIES is to not only be as efficient as the ElGamal encryption scheme, but to also provide security against chosen-ciphertext attacks. DHIES is a Diffie-Hellman based scheme that combines a private-key encryption method, a message authentication code, and a hash function, in addition to number-theoretic operations. The proofs of security are based on the assumption that the underlying symmetric primitives are secure and on appropriate assumptions about the Diffie-Hellman problem. Our proofs are in the standard model; no random-oracle assumption is required. DHIES is now in the draft standards of ANSI X9.63 [6] and IEEE P1363a [50] and in the corporate standard SECG [71].; Next, we study re-keyed encryption schemes. These are schemes in which shared keys are not used directly to encrypt messages, but rather used as a master key to derive sub-keys, which are then used to encrypt messages. This is a commonly employed paradigm in computer security systems, about whose security benefits users appear to have various expectations. In this thesis, we provide concrete security analyses of various re-keying mechanisms and their usage. We show that re-keying does indeed “increase” security, effectively extending the lifetime of the master key and bringing significant, provable security gains in practical situations.; We also study the problem of secure encryption in the broadcast model, where a broadcast center wants to communicate securely with a set of users (the target set) over an insecure broadcast channel.